claudex-setup 1.9.0 → 1.10.1

package/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Changelog
 
+## [1.10.0] - 2026-04-01
+
+### Added
+- 11 new MCP packs (15→26): sequential-thinking, jira-confluence, ga4-analytics, search-console, n8n-workflows, zendesk, infisical-secrets, shopify, huggingface, blender, wordpress
+- 7 new domain packs (10→17→16 final): ecommerce, ai-ml, devops-cicd, design-system, docs-content, security-focused
+- Smart recommendation for all new packs based on detected stack and domain
+- Detection logic: Storybook, Docusaurus, Stripe, LangChain, GitHub Actions, auth deps
+
 ## [1.9.0] - 2026-03-31
 
 ### Added

package/README.md

@@ -148,16 +148,16 @@ It exposes:
 - permission profiles: `read-only`, `suggest-only`, `safe-write`, `power-user`, `internal-research`
 - hook registry with trigger point, purpose, side effects, risk, and rollback path
 - policy packs for baseline engineering, security-sensitive repos, OSS, and regulated-lite teams
-- domain packs for backend, frontend, data, infra, OSS, and enterprise-governed repos
-- MCP packs for live docs and framework-aware tooling such as Context7 and Next.js devtools
+- 16 domain packs: backend-api, frontend-ui, data-pipeline, infra-platform, oss-library, enterprise-governed, monorepo, mobile, regulated-lite, ecommerce, ai-ml, devops-cicd, design-system, docs-content, security-focused, baseline-general
+- 26 MCP packs: Context7, Next.js devtools, GitHub, PostgreSQL, Playwright, Docker, Notion, Linear, Sentry, Slack, Stripe, Figma, Shopify, Hugging Face, Blender, WordPress, Jira/Confluence, GA4, Search Console, n8n, Zendesk, Infisical, Composio, memory, sequential-thinking, mcp-security
 - a pilot rollout kit with scope, approvals, success metrics, and rollback expectations
 
 ## Domain Packs And MCP Packs
 
 `augment` and `suggest-only` now recommend repo-shaped guidance instead of giving every project the same advice.
 
-- domain packs identify the repo shape: `backend-api`, `frontend-ui`, `data-pipeline`, `infra-platform`, `oss-library`, `enterprise-governed`
-- MCP packs recommend current-tooling companions: `context7-docs` for live docs, `next-devtools` for Next.js repos
+- 16 domain packs identify repo shape and recommend relevant modules
+- 26 MCP packs recommend tooling companions matched to your detected domain and stack
 - write-capable flows can merge MCP packs directly into `.claude/settings.json`
 
 ```bash
@@ -227,7 +227,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: DnaFin/claudex-setup@v1.9.0
+      - uses: DnaFin/claudex-setup@v1.10.0
         with:
           threshold: 50
 ```

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "claudex-setup",
-  "version": "1.9.0",
+  "version": "1.10.1",
   "description": "Audit and improve Claude Code readiness with discover, plan, apply, governance, and benchmark workflows.",
   "main": "src/index.js",
   "bin": {

package/src/claudex-sync.json

@@ -4,8 +4,8 @@
   "total_items": 1107,
   "tested": 948,
   "last_id": 1157,
-  "domain_packs": 10,
-  "mcp_packs": 5,
+  "domain_packs": 16,
+  "mcp_packs": 26,
   "anti_patterns": 53,
   "contract_version": "1.0.0"
 }

package/src/domain-packs.js

@@ -79,6 +79,54 @@ const DOMAIN_PACKS = [
     recommendedMcpPacks: ['context7-docs'],
     benchmarkFocus: ['audit trail completeness', 'change traceability', 'policy compliance readiness'],
   },
+  {
+    key: 'ecommerce',
+    label: 'E-Commerce',
+    useWhen: 'Shopify, WooCommerce, Stripe, or storefront repos with payment, catalog, and analytics workflows.',
+    recommendedModules: ['verification', 'security workflow', 'commands', 'rules'],
+    recommendedMcpPacks: ['context7-docs', 'stripe-mcp'],
+    benchmarkFocus: ['payment safety', 'catalog workflow quality', 'analytics integration'],
+  },
+  {
+    key: 'ai-ml',
+    label: 'AI / ML',
+    useWhen: 'Repos with LLM chains, ML pipelines, model training, or AI agent workflows.',
+    recommendedModules: ['verification', 'agents', 'commands', 'benchmark'],
+    recommendedMcpPacks: ['context7-docs'],
+    benchmarkFocus: ['pipeline reproducibility', 'model workflow safety', 'experiment tracking'],
+  },
+  {
+    key: 'devops-cicd',
+    label: 'DevOps / CI/CD',
+    useWhen: 'Repos focused on CI/CD pipelines, GitHub Actions, deployment automation, or release engineering.',
+    recommendedModules: ['ci-devops', 'commands', 'hooks', 'governance'],
+    recommendedMcpPacks: ['context7-docs', 'github-mcp', 'docker-mcp'],
+    benchmarkFocus: ['pipeline safety', 'release workflow quality', 'deployment verification'],
+  },
+  {
+    key: 'design-system',
+    label: 'Design System',
+    useWhen: 'Component libraries, design token repos, or Storybook-driven projects with visual QA needs.',
+    recommendedModules: ['frontend rules', 'commands', 'verification', 'benchmark'],
+    recommendedMcpPacks: ['context7-docs', 'figma-mcp', 'playwright-mcp'],
+    benchmarkFocus: ['component quality', 'visual regression', 'token consistency'],
+  },
+  {
+    key: 'docs-content',
+    label: 'Docs / Content',
+    useWhen: 'Documentation sites, knowledge bases, or content-heavy repos (Docusaurus, GitBook, MDX).',
+    recommendedModules: ['commands', 'rules', 'verification'],
+    recommendedMcpPacks: ['context7-docs'],
+    benchmarkFocus: ['content quality', 'link integrity', 'build verification'],
+  },
+  {
+    key: 'security-focused',
+    label: 'Security-Focused',
+    useWhen: 'Repos handling auth, payments, PII, or secrets that need strict Claude guardrails.',
+    recommendedModules: ['governance', 'suggest-only profile', 'hooks', 'audit logging'],
+    recommendedMcpPacks: ['context7-docs', 'mcp-security'],
+    benchmarkFocus: ['permission posture', 'secrets protection', 'audit trail quality'],
+  },
 ];
 
 function uniqueByKey(items) {
@@ -207,6 +255,76 @@ function detectDomainPacks(ctx, stacks, assets = null) {
     ]);
   }
 
+  // E-commerce detection
+  const isEcommerce = deps.stripe || deps['@stripe/stripe-js'] || deps.shopify || deps['@shopify/shopify-api'] ||
+    deps.woocommerce || ctx.hasDir('products') || ctx.hasDir('checkout') || ctx.hasDir('cart');
+  if (isEcommerce) {
+    addMatch('ecommerce', [
+      'Detected e-commerce dependencies or storefront structure.',
+      deps.stripe ? 'Stripe dependency detected.' : null,
+      ctx.hasDir('checkout') ? 'Checkout directory detected.' : null,
+    ]);
+  }
+
+  // AI/ML detection
+  const isAiMl = deps.langchain || deps['@langchain/core'] || deps.openai || deps.anthropic ||
+    deps['@anthropic-ai/sdk'] || deps.transformers || deps.torch || deps.tensorflow ||
+    ctx.hasDir('chains') || ctx.hasDir('agents') || ctx.hasDir('models') || ctx.hasDir('prompts');
+  if (isAiMl && !hasData) {
+    addMatch('ai-ml', [
+      'Detected AI/ML dependencies or agent structure.',
+      deps.langchain ? 'LangChain detected.' : null,
+      ctx.hasDir('chains') ? 'Chain directory detected.' : null,
+    ]);
+  }
+
+  // DevOps/CI detection
+  const isDevopsCicd = ctx.hasDir('.github/workflows') || ctx.hasDir('.circleci') ||
+    ctx.files.includes('Jenkinsfile') || ctx.files.includes('.gitlab-ci.yml') ||
+    ctx.hasDir('deploy') || ctx.hasDir('scripts/deploy');
+  if (isDevopsCicd && !hasInfra) {
+    addMatch('devops-cicd', [
+      'Detected CI/CD pipelines or deployment scripts.',
+      ctx.hasDir('.github/workflows') ? 'GitHub Actions detected.' : null,
+      ctx.hasDir('deploy') ? 'Deploy directory detected.' : null,
+    ]);
+  }
+
+  // Design system detection
+  const isDesignSystem = deps.storybook || deps['@storybook/react'] || deps['@storybook/vue3'] ||
+    ctx.hasDir('tokens') || ctx.hasDir('design-tokens') ||
+    (ctx.hasDir('components') && ctx.files.includes('.storybook'));
+  if (isDesignSystem) {
+    addMatch('design-system', [
+      'Detected design system or component library signals.',
+      deps.storybook ? 'Storybook detected.' : null,
+      ctx.hasDir('tokens') ? 'Design tokens detected.' : null,
+    ]);
+  }
+
+  // Docs/content detection
+  const isDocsContent = deps.docusaurus || deps['@docusaurus/core'] || deps.nextra || deps.vitepress ||
+    deps.gitbook || ctx.files.includes('docusaurus.config.js') || ctx.files.includes('mkdocs.yml') ||
+    (ctx.hasDir('docs') && ctx.hasDir('content'));
+  if (isDocsContent) {
+    addMatch('docs-content', [
+      'Detected documentation site or content-heavy structure.',
+      deps.docusaurus ? 'Docusaurus detected.' : null,
+      ctx.files.includes('mkdocs.yml') ? 'MkDocs detected.' : null,
+    ]);
+  }
+
+  // Security-focused detection
+  const isSecurityFocused = ctx.files.includes('SECURITY.md') &&
+    (hasBackend || deps.bcrypt || deps.jsonwebtoken || deps.passport || deps['next-auth']);
+  if (isSecurityFocused && !isRegulated) {
+    addMatch('security-focused', [
+      'Detected security-sensitive backend with auth dependencies.',
+      deps.jsonwebtoken ? 'JWT auth detected.' : null,
+      deps.passport ? 'Passport auth detected.' : null,
+    ]);
+  }
+
   const deduped = uniqueByKey(matches);
   if (deduped.length === 0) {
     return [{

package/src/mcp-packs.js

@@ -61,6 +61,274 @@ const MCP_PACKS = [
       },
     },
   },
+  {
+    key: 'playwright-mcp',
+    label: 'Playwright Browser',
+    useWhen: 'Frontend repos that need browser automation, E2E testing, or visual QA during Claude sessions.',
+    adoption: 'Recommended for frontend-ui repos with E2E tests. No auth required.',
+    servers: {
+      playwright: {
+        command: 'npx',
+        args: ['-y', '@playwright/mcp@latest'],
+      },
+    },
+  },
+  {
+    key: 'docker-mcp',
+    label: 'Docker',
+    useWhen: 'Repos with containerized workflows that benefit from container management during Claude sessions.',
+    adoption: 'Useful for infra-platform and backend repos. Requires Docker running locally.',
+    servers: {
+      docker: {
+        command: 'npx',
+        args: ['-y', '@modelcontextprotocol/server-docker'],
+      },
+    },
+  },
+  {
+    key: 'notion-mcp',
+    label: 'Notion',
+    useWhen: 'Teams using Notion for documentation, wikis, or knowledge bases that Claude should reference.',
+    adoption: 'Useful for teams with Notion-based docs. Requires NOTION_API_KEY env var.',
+    servers: {
+      notion: {
+        command: 'npx',
+        args: ['-y', '@notionhq/notion-mcp-server'],
+        env: { NOTION_API_KEY: '${NOTION_API_KEY}' },
+      },
+    },
+  },
+  {
+    key: 'linear-mcp',
+    label: 'Linear',
+    useWhen: 'Teams using Linear for issue tracking that want Claude to read and create issues.',
+    adoption: 'Useful for teams managing sprints in Linear. Requires LINEAR_API_KEY env var.',
+    servers: {
+      linear: {
+        command: 'npx',
+        args: ['-y', '@linear/mcp-server'],
+        env: { LINEAR_API_KEY: '${LINEAR_API_KEY}' },
+      },
+    },
+  },
+  {
+    key: 'sentry-mcp',
+    label: 'Sentry',
+    useWhen: 'Repos with Sentry error tracking that benefit from error context during debugging sessions.',
+    adoption: 'Useful for production repos. Requires SENTRY_AUTH_TOKEN env var.',
+    servers: {
+      sentry: {
+        command: 'npx',
+        args: ['-y', '@sentry/mcp-server'],
+        env: { SENTRY_AUTH_TOKEN: '${SENTRY_AUTH_TOKEN}' },
+      },
+    },
+  },
+  {
+    key: 'slack-mcp',
+    label: 'Slack',
+    useWhen: 'Teams using Slack that want Claude to draft, preview, or post messages.',
+    adoption: 'Useful for team workflows. Requires SLACK_BOT_TOKEN env var.',
+    servers: {
+      slack: {
+        command: 'npx',
+        args: ['-y', '@anthropic/slack-mcp-server'],
+        env: { SLACK_BOT_TOKEN: '${SLACK_BOT_TOKEN}' },
+      },
+    },
+  },
+  {
+    key: 'stripe-mcp',
+    label: 'Stripe',
+    useWhen: 'Repos with Stripe integration for payments, subscriptions, or billing workflows.',
+    adoption: 'Useful for e-commerce and SaaS repos. Requires STRIPE_API_KEY env var.',
+    servers: {
+      stripe: {
+        command: 'npx',
+        args: ['-y', '@stripe/mcp-server'],
+        env: { STRIPE_API_KEY: '${STRIPE_API_KEY}' },
+      },
+    },
+  },
+  {
+    key: 'figma-mcp',
+    label: 'Figma',
+    useWhen: 'Design-heavy repos where Claude needs access to Figma designs and components.',
+    adoption: 'Useful for frontend-ui repos with design systems. Requires FIGMA_ACCESS_TOKEN env var.',
+    servers: {
+      figma: {
+        command: 'npx',
+        args: ['-y', '@anthropic/figma-mcp-server'],
+        env: { FIGMA_ACCESS_TOKEN: '${FIGMA_ACCESS_TOKEN}' },
+      },
+    },
+  },
+  {
+    key: 'mcp-security',
+    label: 'MCP Security Scanner',
+    useWhen: 'Any repo using MCP servers that should be scanned for tool poisoning and prompt injection.',
+    adoption: 'Recommended as a safety companion for any repo with 2+ MCP servers.',
+    servers: {
+      'mcp-scan': {
+        command: 'npx',
+        args: ['-y', 'mcp-scan@latest'],
+      },
+    },
+  },
+  {
+    key: 'composio-mcp',
+    label: 'Composio Universal',
+    useWhen: 'Teams needing 500+ integrations through a single MCP gateway with centralized OAuth.',
+    adoption: 'Useful for enterprise or integration-heavy repos. Requires COMPOSIO_API_KEY env var.',
+    servers: {
+      composio: {
+        command: 'npx',
+        args: ['-y', 'composio-mcp@latest'],
+        env: { COMPOSIO_API_KEY: '${COMPOSIO_API_KEY}' },
+      },
+    },
+  },
+  {
+    key: 'sequential-thinking',
+    label: 'Sequential Thinking',
+    useWhen: 'Complex problem-solving sessions that benefit from structured step-by-step reasoning.',
+    adoption: 'Safe default for any repo. No auth required.',
+    servers: {
+      'sequential-thinking': {
+        command: 'npx',
+        args: ['-y', '@modelcontextprotocol/server-sequential-thinking'],
+      },
+    },
+  },
+  {
+    key: 'jira-confluence',
+    label: 'Jira + Confluence',
+    useWhen: 'Teams using Atlassian for issue tracking and documentation.',
+    adoption: 'Requires ATLASSIAN_API_TOKEN and ATLASSIAN_EMAIL env vars.',
+    servers: {
+      jira: {
+        command: 'npx',
+        args: ['-y', '@anthropic/jira-mcp-server'],
+        env: { ATLASSIAN_API_TOKEN: '${ATLASSIAN_API_TOKEN}', ATLASSIAN_EMAIL: '${ATLASSIAN_EMAIL}' },
+      },
+    },
+  },
+  {
+    key: 'ga4-analytics',
+    label: 'Google Analytics 4',
+    useWhen: 'Repos with web analytics needs — live GA4 data, attribution, and audience insights.',
+    adoption: 'Requires GA4 credentials. 1,641 stars.',
+    servers: {
+      ga4: {
+        command: 'npx',
+        args: ['-y', '@anthropic/ga4-mcp-server'],
+        env: { GA4_PROPERTY_ID: '${GA4_PROPERTY_ID}' },
+      },
+    },
+  },
+  {
+    key: 'search-console',
+    label: 'Google Search Console',
+    useWhen: 'SEO-focused repos that need search performance data, indexing status, and sitemap insights.',
+    adoption: 'Requires GSC credentials. 595 stars.',
+    servers: {
+      gsc: {
+        command: 'npx',
+        args: ['-y', 'mcp-gsc@latest'],
+        env: { GSC_CREDENTIALS: '${GSC_CREDENTIALS}' },
+      },
+    },
+  },
+  {
+    key: 'n8n-workflows',
+    label: 'n8n Workflow Automation',
+    useWhen: 'Teams using n8n for workflow automation with 1,396 integration nodes.',
+    adoption: 'Requires n8n instance URL. 17,092 stars.',
+    servers: {
+      n8n: {
+        command: 'npx',
+        args: ['-y', 'n8n-mcp-server@latest'],
+        env: { N8N_URL: '${N8N_URL}', N8N_API_KEY: '${N8N_API_KEY}' },
+      },
+    },
+  },
+  {
+    key: 'zendesk-mcp',
+    label: 'Zendesk',
+    useWhen: 'Support teams using Zendesk for ticket management and help center content.',
+    adoption: 'Requires ZENDESK_API_TOKEN env var. 79 stars.',
+    servers: {
+      zendesk: {
+        command: 'npx',
+        args: ['-y', 'zendesk-mcp-server@latest'],
+        env: { ZENDESK_API_TOKEN: '${ZENDESK_API_TOKEN}', ZENDESK_SUBDOMAIN: '${ZENDESK_SUBDOMAIN}' },
+      },
+    },
+  },
+  {
+    key: 'infisical-secrets',
+    label: 'Infisical Secrets',
+    useWhen: 'Repos using Infisical for secrets management with auto-rotation.',
+    adoption: 'Requires INFISICAL_TOKEN env var. 25,629 stars.',
+    servers: {
+      infisical: {
+        command: 'npx',
+        args: ['-y', '@infisical/mcp-server'],
+        env: { INFISICAL_TOKEN: '${INFISICAL_TOKEN}' },
+      },
+    },
+  },
+  {
+    key: 'shopify-mcp',
+    label: 'Shopify',
+    useWhen: 'Shopify stores and apps that need API schema access and deployment tooling.',
+    adoption: 'Official Shopify dev MCP. Requires SHOPIFY_ACCESS_TOKEN env var.',
+    servers: {
+      shopify: {
+        command: 'npx',
+        args: ['-y', '@shopify/dev-mcp-server'],
+        env: { SHOPIFY_ACCESS_TOKEN: '${SHOPIFY_ACCESS_TOKEN}' },
+      },
+    },
+  },
+  {
+    key: 'huggingface-mcp',
+    label: 'Hugging Face',
+    useWhen: 'AI/ML repos that need model search, dataset discovery, and Spaces integration.',
+    adoption: 'Useful for ai-ml domain repos. Requires HF_TOKEN env var.',
+    servers: {
+      huggingface: {
+        command: 'npx',
+        args: ['-y', '@huggingface/mcp-server'],
+        env: { HF_TOKEN: '${HF_TOKEN}' },
+      },
+    },
+  },
+  {
+    key: 'blender-mcp',
+    label: 'Blender 3D',
+    useWhen: '3D modeling, animation, or rendering repos that use Blender. 18,219 stars.',
+    adoption: 'Requires Blender installed locally. Python bridge.',
+    servers: {
+      blender: {
+        command: 'npx',
+        args: ['-y', 'blender-mcp@latest'],
+      },
+    },
+  },
+  {
+    key: 'wordpress-mcp',
+    label: 'WordPress',
+    useWhen: 'WordPress sites needing content management, site ops, and plugin workflows.',
+    adoption: 'Requires WP_URL and WP_AUTH_TOKEN env vars. 115 stars.',
+    servers: {
+      wordpress: {
+        command: 'npx',
+        args: ['-y', 'wordpress-mcp-server@latest'],
+        env: { WP_URL: '${WP_URL}', WP_AUTH_TOKEN: '${WP_AUTH_TOKEN}' },
+      },
+    },
+  },
 ];
 
 function clone(value) {
@@ -109,9 +377,10 @@ function recommendMcpPacks(stacks = [], domainPacks = []) {
     recommended.add('context7-docs');
   }
 
-  // GitHub MCP for repos with .github directory
   const domainKeys = new Set(domainPacks.map(p => p.key));
-  if (domainKeys.has('oss-library') || domainKeys.has('enterprise-governed')) {
+
+  // GitHub MCP for collaborative repos
+  if (domainKeys.has('oss-library') || domainKeys.has('enterprise-governed') || domainKeys.has('monorepo')) {
     recommended.add('github-mcp');
   }
 
@@ -120,11 +389,72 @@ function recommendMcpPacks(stacks = [], domainPacks = []) {
     recommended.add('postgres-mcp');
   }
 
-  // Memory MCP for complex/monorepo projects
+  // Memory MCP for complex projects
   if (domainKeys.has('monorepo') || domainKeys.has('enterprise-governed')) {
     recommended.add('memory-mcp');
   }
 
+  // Playwright for frontend repos
+  if (domainKeys.has('frontend-ui') || stackKeys.has('react') || stackKeys.has('vue') || stackKeys.has('angular') || stackKeys.has('svelte')) {
+    recommended.add('playwright-mcp');
+  }
+
+  // Docker for infra repos
+  if (domainKeys.has('infra-platform') || stackKeys.has('docker')) {
+    recommended.add('docker-mcp');
+  }
+
+  // Sentry for production backend/frontend
+  if (domainKeys.has('backend-api') || domainKeys.has('frontend-ui')) {
+    recommended.add('sentry-mcp');
+  }
+
+  // Figma for frontend-ui with design systems
+  if (domainKeys.has('frontend-ui')) {
+    recommended.add('figma-mcp');
+  }
+
+  // Stripe for e-commerce
+  if (domainKeys.has('ecommerce')) {
+    recommended.add('stripe-mcp');
+  }
+
+  // Jira for enterprise teams
+  if (domainKeys.has('enterprise-governed')) {
+    recommended.add('jira-confluence');
+  }
+
+  // Analytics for ecommerce and marketing
+  if (domainKeys.has('ecommerce') || domainKeys.has('docs-content')) {
+    recommended.add('ga4-analytics');
+    recommended.add('search-console');
+  }
+
+  // Shopify for ecommerce
+  if (domainKeys.has('ecommerce')) {
+    recommended.add('shopify-mcp');
+  }
+
+  // HuggingFace for AI/ML
+  if (domainKeys.has('ai-ml')) {
+    recommended.add('huggingface-mcp');
+  }
+
+  // Zendesk for support
+  if (domainKeys.has('enterprise-governed')) {
+    recommended.add('zendesk-mcp');
+  }
+
+  // Infisical for security-focused
+  if (domainKeys.has('security-focused') || domainKeys.has('regulated-lite')) {
+    recommended.add('infisical-secrets');
+  }
+
+  // Security scanner when 2+ MCP servers recommended
+  if (recommended.size >= 2) {
+    recommended.add('mcp-security');
+  }
+
   return MCP_PACKS
     .filter(pack => recommended.has(pack.key))
     .map(pack => clone(pack));

package/src/techniques.js

@@ -696,8 +696,12 @@ const TECHNIQUES = {
     id: 1801,
     name: '2+ MCP servers for rich tooling',
     check: (ctx) => {
+      let count = 0;
       const settings = ctx.jsonFile('.claude/settings.local.json') || ctx.jsonFile('.claude/settings.json');
-      return !!(settings && settings.mcpServers && Object.keys(settings.mcpServers).length >= 2);
+      if (settings && settings.mcpServers) count += Object.keys(settings.mcpServers).length;
+      const mcpJson = ctx.jsonFile('.mcp.json');
+      if (mcpJson && mcpJson.mcpServers) count += Object.keys(mcpJson.mcpServers).length;
+      return count >= 2;
     },
     impact: 'medium',
     rating: 4,